Coinbase Merchant Error Causes Major Exploit on Overstock

Recently, it was made public that retail giant Overstock.com had fallen victim to a huge exploit involving Coinbase’s merchant API. This is another issue on top of many others that customers and businesses have made apparent affecting the leading Bitcoinexchange.

The even greater issue that emerged was the ability to return purchases made with the discounted BCH and receive Bitcoin in return. Malicious users could pay for an order in Bitcoin Cash and be refunded an equal amount of Bitcoin. This exploit emerged when Coinbase first implemented Bitcoin Cashsupport on December 19, and existed for almost three weeks.

Coinbaseclaims that the bug emerged due to improper implementation of its merchant API by Overstock. According to the exchange, Overstock was the only partner out of dozens of merchants that experienced this issue. Furthermore, Coinbase stated that it worked alongside Overstock to solve the problem.

It is unclear to what extent this bug was exploited, if at all. However, if just one malicious user came across this bug during the time it existed, they would have the potential to steal hundreds of thousands or even millions of dollars worth of Bitcoin from the retailer.

Since first accepting Bitcoin in 2014, Overstock has held onto a portion of its Bitcoin profits, seeing the coin rise from just a few hundred dollars to a high of US$20,000 during this time period. As an outspoken Bitcoin supporter, Overstock’s stock has also performed incredibly in conjunction with the ongoing cryptocurrency surge.